Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Interpretation of regulatory reporting I t t ti f l t ti instructions – Understanding of instructions - Relationship between regulatory reports and public financial statements and public financial statements Limited understanding of regulatory reporting instructions and lack of reconciliation between instructions and lack of reconciliation between reports/schedules result in inaccurate regulatory reports.
Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Interpretation of regulatory reporting Interpretation of regulatory reporting instructions Best Practices Review the report specifications for all regulatory reports and compare to regulatory l t t d t l t reporting instructions to ensure specifications are in compliance with the instructions. p Obtain clarification of instructions in writing. Attend FRB seminars Attend FRB seminars.
Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Documentation Documentation – Procedure Manual A lack of written or inaccurate procedures could result in A l k f itt i t d ld lt i inconsistent practices among employees and inaccurate and unreliable reports. Best Practice The procedure manual should include: (1) Procedures for all regulatory reports; (2) Adequate descriptions for any adjustments; and (3) Process to review new/complex banking products (3) Process to review new/complex banking products from regulatory reporting perspective.
Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Documentation Documentation – Regulatory Reporting Policy Manual - Provides guidelines and overall framework to ensure uniformity and standardization Inadequate policies could result in inconsistent practices leading to inaccurate regulatory reports. p g g y p
Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Training program T i i – Regulatory reporting staff – Staff responsible for providing regulatory reporting information
Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Internal Control Guidelines Accounting – Accurate posting – Adequate account review and reconciliation Inadequate controls result in misstated regulatory reports and inaccurate and unreliable financial records. li bl fi i l d Best Practices E Employees are properly trained on performing l l i d f i accounting functions. Automated accounting systems have adequate Automated accounting systems have adequate input and processing controls.
Internal Audit l A dit I t
Internal Audit Internal Audit Internal Audit Internal Audit Working with auditors is critical – Obtain valuable feedback – File high quality reports
Internal Audit Internal Audit Internal Audit Internal Audit Improving Communication Improving Communication Between You and the Auditors Communicate and coordinate with the auditors Comm nicate and coordinate ith the a ditors – Appoint an Audit Coordinator: - Meet with the Audit Team - Compile the information requested - Discuss priorities with staff Di i iti ith t ff
Internal Audit Internal Audit Internal Audit Internal Audit Internal Audit Adds Value to Regulatory Reporting Incorporate regulatory reporting review in your audit plan/program Ensure senior management is aware of reporting risks not covered by the audit plan p g y p Add value to the regulatory reporting – Evaluate accuracy of reports by reducing the risk of misreporting – Effectiveness of the reporting process
Internal Audit Internal Audit Internal Audit Internal Audit Internal Audit Adds Value Internal Audit Adds Value to Regulatory Reporting Staff qualifications – Continued education and training Maintain a dialogue with supervisors Follow-up on prior findings and Follow up on prior findings and recommendations
Internal Audit Internal Audit Internal Audit Internal Audit “Management self-assessments” or “control self-assessments” – May not be impartial – Internal audit involvement Frequency of regulatory reporting audits
General Ledger l L d G
General Ledger General Ledger General Ledger General Ledger General Ledger (G/L) General Ledger (G/L) – Account titles and definitions – New G/L account approval process N G/L l – Chart of accounts (example) – Issues – Review
General Ledger General Ledger General Ledger General Ledger G/L account titles and definitions G/L t titl d d fi iti – Unclear or misleading – Missing Missing New G/L account review process New G/L account review process
General Ledger General Ledger Example G/L CHART OF ACCOUNTS G/L CHART OF ACCOUNTS Cash and Due from Banks Reserves with Federal Reserve Bank Due from commercial banks in the U S Due from commercial banks in the U.S. Due from banks in foreign countries Deferred debits - DDA related Securities Securities U.S. Treasury securities - htm U.S. Government sponsored agencies - afs MBS-Pass through securities: guaranteed by GNMA - trading MBS Pass through securities: guaranteed by GNMA trading Deposits Demand deposits - commercial banks in the U.S. Demand deposits - IPC Demand deposits IPC NOW Stockholder’s Equity Common stock Additional paid - in - capital (Surplus) Retained earnings (Undivided profits)
General Ledger General Ledger Example G/L DESCRIPTION OF ACCOUNT Section: Section: Assets Assets Account name/#: Deferred Debits - demand deposit related; 006 - xxx Applicable to: Demand deposits in domestic offices Description Deferred debits represent cash items in Bank’s possession drawn on Bank s demand deposit accounts which cannot be charged to the proper Bank’s demand deposit accounts which cannot be charged to the proper account on the day received. The item may have been received late or with insufficient/inaccurate information to determine the proper account for recording the item Although the work cannot be processed to the proper recording the item. Although the work cannot be processed to the proper G/L account on the day received, it will be recorded on the books of the Bank by the use of a holding account . The following day , the item will be d bit d t th debited to the customer’s demand deposit account . t ’ d d d it t
General Ledger General Ledger Example G/L DESCRIPTION OF ACCOUNT Section: Assets Account name/#: Account name/#: Deferred Debits demand deposit related; 006 xxx Deferred Debits - demand deposit related; 006 - xxx Applicable to: Demand deposits in domestic offices Accounting Entries Debit: Deferred debits - demand deposit related 006 - xxx Credit: Various accounts All deferred entries should be reversed on the following business day . Bank policy dictates items in deferred accounts may not be rolled over a fourth day . Any deferred item that cannot be processed to the proper y p p p y account at the end of the third business day must be charged off as follows: Debit: Difference and Fine - Debit, Account 466 - xxx (Expense) Credit: Deferred Debits - demand deposit related 006 - xxx
General Ledger General Ledger General Ledger General Ledger B Best Practices P i All G/L accounts should contain clear titles; account definitions should be comprehensive and clearly describe p y the nature of the account. New G/L accounts should be in compliance with regulatory p g y reporting instructions – Correctly applied/mapped to regulatory reports – The process should be described in the procedure manual
General Ledger General Ledger General Ledger General Ledger G/L data integrity issues G/L d i i i – Inter-company (related party transactions) – Reconciliation – Incorrect use of G/L accounts by businesses co ect use o G/ accou ts by bus esses or cost centers
General Ledger General Ledger General Ledger General Ledger G/L issues G/L issues Best Practices Management should ensure the integrity Management should ensure the integrity of information on the G/L by enforcing accountability. Regulatory reporting staff should review the G/L, daily, and any discrepancies should be resolved prior to filing of regulatory reports. i fili f l
Staffing St ffi
Staffing Staffing Staffing Staffing Improve Work Process Retention
Staffing Staffing Staffing Staffing Staffing – Adequacy Adequacy – Qualifications – Continuing education and training C i i d i d i i – Communication (accounting policy, SEC reporting, internal audit, legal, IT compliance, operations and businesses)
Systems and Data C ll Collection Process i P Vadim Tovshteyn
Objectives Objectives Objectives Objectives Information system controls y Data collection process System interface and legacy systems S t i t f d l t Data integrity Manual adjustments Early detection system Early detection system Industry trend Transaction Level Data Base (Data warehouse) T i L l D B (D h )
Information System Controls Information System Controls y General Control – Systems (e.g., regulatory reporting, G/L) are appropriately implemented, maintained and operated and only authorized i t i d d t d d l th i d changes are made to the system Application Control – Specific application control, ensures that transactions are recorded t l th t t ti d d and are processed completely, accurately and timely timely
Information System Controls Information System Controls y Staff should have an adequate knowledge of Staff should have an adequate knowledge of regulatory reporting systems or software Backup or succession plan should be in place for key personnel y p New specifications or new systems should be formally reviewed, tested and comply with f ll i d t t d d l ith new requirements
Information System Controls Information System Controls y New software or database package should meet N ft d t b k h ld t all reporting requirements The software package should include adequate security and control features and it should be security and control features and it should be on the network with restricted access
Data Collection Process Data Collection Process Data Collection Process Data Collection Process Establish a standardized data collection Establish a standardized data collection process with sufficient quality controls and accountability for data and accountability for data A process lacking standardization with high A l ki t d di ti ith hi h level of manual intervention is susceptible to significant errors significant errors.
Data Collection Process Data Collection Process Data Collection Process Data Collection Process B Best Practices P i Implement controls Automate Stream-line the process Set and enforce regulatory reporting standards, globally Establish a process to monitor the accuracy of information submitted for regulatory reports
Data Collection Process Data Collection Process Data Collection Process Data Collection Process Granularity of information required for regulatory reporting is not always available Best Practices D Design a system/process where sufficient i / h ffi i level of detail is available Design a system with an option to accommodate future changes
Manual Collection Process Manual Collection Process Manual Collection Process Manual Collection Process The information necessary to prepare Th i f i regulatory reports is collected manually Best Practice Establish sufficient internal controls to bli h ffi i i l l compensate for the weaknesses inherent in the manual data collection processes in the manual data collection processes.
Systems’ Interface Systems’ Interface Systems Interface Systems Interface Inadequate systems’ interface I d t t ’ i t f (e.g., G/L, subsystems and regulatory reporting system) ti t )
System Integration System Integration System Integration System Integration Multiple systems to capture the same information increases processing time, maintenance and support
System Integration System Integration System Integration System Integration Best Practices Consistent reporting of financial products from Consistent reporting of financial products from a single source or few sources Reduce month-end closing period and eliminate Reduce month end closing period and eliminate or minimize reconciliation among systems
Data Integrity Data Integrity Data Integrity Data Integrity Implement sufficient controls to ensure I l ffi i l information captured by subsystems is accurate accurate
Data Integrity Data Integrity Data Integrity Data Integrity B Best Practices t P ti Review subsystems and identify and resolve any programming issues resolve any programming issues. Ensure the integrity of the information g y housed by subsystems prior to pursuing an automated solution.
Data Integrity Data Integrity Data Integrity Data Integrity Coding of Customer Information Files C di f C t I f ti Fil (CIFs) Best Practices Review the accuracy of data in CIF and identify Review the accuracy of data in CIF and identify discrepancies in coding on a regular basis. I Improve methodology for coding of new h d l f di f customers.
Data Integrity Data Integrity Data Integrity Data Integrity Incorrect assignment of risk Incorrect assignment of risk characteristics – Market Risk – Credit – Domicile
Manual Adjustments Manual Adjustments Manual Adjustments Manual Adjustments Adjustments applied to the system Adj t t li d t th t generated information must contain s fficient details concerning the nat re sufficient details concerning the nature of the adjustment. Best Practice Review adjustments to determine the Review adjustments to determine the cost-benefit of automating adjustments.
Early Detection System Early Detection System Early Detection System Early Detection System Analysis can detect potential issues with A l i d t t t ti l i ith reporting Best Practice Best Practice Implement an early detection system for a business related analysis and detection of potential errors and inconsistencies.
Systems’ Flow – Industry Trend Systems’ Flow – Industry Trend DERIVATIVE LOANS DUE FROM DEPOSITS PRODUCTS GENERAL LEDGER STANDARDS GENERAL LEDGER STANDARDS CUSTOMER CUSTOMER (EDIT, ROUTING, BULKING, TRANSLATION, RECONCILATION) (EDIT, ROUTING, BULKING, TRANSLATION, RECONCILATION) INFORMATION FILES Data Global General RECONCILIATION Warehouse Ledger STANDARD REPORTING / EXTRACT TOOLS SEC S C MANAGEMENT A AG REGULATORY G A O TAX A REPORTING REPORTING REPORTING REPORTING
Transaction Level Data Base Transaction Level Data Base Transaction Level Data Base Transaction Level Data Base Consolidated source for bank’s subsystems lid d f b k b Allows institution to move from a manually y intense process to an automated process Required data are centrally stored Required data are centrally stored Drill-down capability Granular information can be easily extracted
Accountability t bilit A
Objectives Objectives Objectives Objectives Accountability A bili Data Ownership Data Ownership Corrective Action
Accountability Accountability All involved must work together to achieve highest quality reporting highest quality reporting Create a culture of accountability Create an Accountability Policy and distribute firm wide
Accountability Accountability Institution-wide awareness and i i id d involvement in the reporting process – Regulatory Reporting – Operations Operations – Information Technology – Businesses
Data Ownership Data Ownership Data Ownership Data Ownership Individuals responsible for regulatory I di id l ibl f l reporting data may not be well versed in regulatory reporting requirements regulatory reporting requirements Best Practices Regulatory Reporting should distribute roles and responsibilities to data owners. Firm wide regulatory reporting training program.
Data Ownership Data Ownership Data Ownership Data Ownership Individuals responsible for information – Accountable for data integrity provided Accountable for data integrity provided – Responsible for analyses
Data Ownership Data Ownership Data Ownership Data Ownership Contact information of data owners may C t t i f ti f d t not be available or may not be current Best Practices Create a contact list of all involved in the process, including two levels of management. U d Update as needed. d d
Corrective Action Corrective Action Corrective Action Corrective Action Incorrect reporting by the business units I t ti b th b i it and data owners Best Practices Create an escalation process to identify and p y resolve issues in a timely manner. Document all incorrect and inconsistent reporting. p g Create an accountability model to enforce compliance with requirements.
Corrective Action Corrective Action Corrective Action Corrective Action Establish a system to ensure accountability Establish a system to ensure accountability – Timeframe – Initiatives to resolve the problem I i i i l h bl – Short and long-term action plan – Individual(s) responsible – Consequences Meet with senior management regularly
Analysis i Richard Molloy l A
Analysis Analysis Analysis Analysis Review data prior to submission (including a management review) ( g g ) Analyze and document reasons for significant changes or trends Reconcile data to the G/L, other R il d t t th G/L th regulatory reports and SEC reports
Analysis Analysis Analysis Analysis Ensure data are reasonable and reflect current business activity Analyze data at the legal entity and business level business level Prepare guidance for preparing high quality Prepare guidance for preparing high quality explanations for regulatory reports
U.S. GAAP and U.S. GAAP and Regulatory Compliance Regulatory Compliance Regulatory Compliance Regulatory Compliance Regulatory Reports are based on Regulatory Reports are based on U.S. Generally Accepted Accounting Principles (U S GAAP) Principles (U.S. GAAP) – In 1997, regulatory reports were reviewed , g y p and the majority of RAP vs. GAAP differences were eliminated – Some differences still exist but they are primarily related to presentation p y p
U.S. GAAP and U.S. GAAP and Regulatory Compliance Regulatory Compliance Regulatory Compliance Regulatory Compliance Investments in Debt and Equity Securities – Does the accounting for securities comply with FAS 115? - Classification - Are securities accounts routinely reviewed for impairments and are adjustments to securities accounts reviewed and approved by officials designated in i d d d b ffi i l d i t d i management policy? - Are current fair values of securities obtained and Are current fair values of securities obtained and reviewed timely? – Are trading assets and liabilities reported at FV with Are trading assets and liabilities reported at FV with unrealized gains/(losses) reported in earnings?
U.S. GAAP and U.S. GAAP and Regulatory Compliance Regulatory Compliance Regulatory Compliance Regulatory Compliance Loans – Is loan information entered into the l i f i d i h data-processing systems timely and i d independently tested to ensure accuracy? d tl t t d t ?
U.S. GAAP and U.S. GAAP and Regulatory Compliance Regulatory Compliance Regulatory Compliance Regulatory Compliance Are loans classified correctly? - Does adequate mapping exist to map loans to report breakouts? - Are loans that are originated or purchased with the intent to sell in the future classified as held for sale? h f l ifi d h ld f l - Are loans held for sale reported at the LOCOM value and re-valued at each reporting period? at each reporting period? - Are purchased impaired loans reported in accordance with AICPA SOP 03-3 including - Ensuring ALLL is not “carried over” - Initially recorded at fair value - Only undiscounted cash flows over initial investment are accreted
U.S. GAAP and U.S. GAAP and Regulatory Compliance Regulatory Compliance Regulatory Compliance Regulatory Compliance Are subsidiary ledgers and trial balances maintained and reconciled with the G/L timely and any differences investigated and resolved? Are payments due for principal and interest monitored for their receipt, aging of delinquencies, and follow-up with late payments? late payments? Are procedures periodically performed to ensure the calculation and maintenance of the ALLL and specific calculation and maintenance of the ALLL and specific reserves are consistent with the stated policies and procedures, U.S. GAAP and applicable supervisory guidance?
U.S. GAAP and U.S. GAAP and Regulatory Compliance Regulatory Compliance Regulatory Compliance Regulatory Compliance Derivative products D i ti d t – Are methodologies for valuation of derivative g products and assessing hedge effectiveness documented and comply with FAS 133? – Is information relating to derivative products complete and accurate when entered into the p accounting and trading systems? – Are derivative activities monitored? Are derivative activities monitored?
U.S. GAAP and U.S. GAAP and R R Regulatory Compliance Regulatory Compliance l t l t C C li li Netting/Offsetting g g – Offsetting of assets and liabilities is improper unless a valid right of set-off exists valid right of set-off exists – Regulatory reports generally require reporting gross – However, if an institution does net - Are policies and procedures in place for reviewing the transactions and supporting documentation to ensure that the banking institution is in compliance with FASB Interpretations No 39 and No 41? with FASB Interpretations No. 39 and No. 41?
Reconciliation Several regulatory reports contain similar data and g y p balances and/or fluctuations should be similar Call Report vs. FR 2900 – Excluding several known definitional differences between these reports, several data items should be the same. Differences should be researched and sa e. e e ces s ou d be esea c ed a d documented. – Legitimate definitional differences are in the g FR 2900 instructions and can be found at: http://www.newyorkfed.org/banking/reportingforms/index.html p y g g p g
Reconciliation Reconciliation Reconciliation Reconciliation Call Report vs. BHC report – Banks are components of the consolidated BHC therefore, significant account balance variances at the bank level should be compared to variances at the BHC level and instances with small or negative correlation explained
Reconciliation Reconciliation Reconciliation Reconciliation Public Financial Statements vs. Regulatory Reports – Are differences between reports anal analyzed, explained and documented? ed e plained and doc mented?
Business Units Business Units Business Units Business Units Non Bank Subsidiary reports (FR 2314 Non Bank Subsidiary reports (FR 2314, FR Y-11 and FR Y-7/7N) – Is organization (FR Y-6, FR Y-7) and financial information reviewed quarterly to ensure reports are submitted for subsidiaries meeting reporting thresholds?
Reasonableness Reasonableness Reasonableness Reasonableness Do variances correspond to business Do variances correspond to business activities? – Mergers M – Purchases, acquisitions or asset sales – Earnings announcements – Accounting changes A i h – New financial instruments or markets
Call/BHC Modernization Call/BHC Modernization Call/BHC Modernization Call/BHC Modernization Call and BHC reports must contain explanations Call and BHC reports must contain explanations for published edits that are flagged High quality explanations include: Hi h lit l ti i l d – The business reason for the fluctuation – Relevant amounts, dates, and total amounts – Offsetting activity Offsetting activity – Types of counter parties – Instruction/policy citations I t ti / li it ti
Call/BHC Modernization Call/BHC Modernization Call/BHC Modernization Call/BHC Modernization Unacceptable or low quality explanations Unacceptable or low quality explanations – Contain comments about the quality of the data q y such as confirmed and verified – Missing information (e.g., amounts, Missing information (e.g., amounts, counterparty) – Partial explanations Partial explanations
Perspective from Washington, DC Perspective from Washington, DC Bob Maahs Bob Maahs Bank Supervision & Regulation Bank Supervision & Regulation Board of Governors Board of Governors
Discussion Topics Discussion Topics Discussion Topics Discussion Topics What we do at the Board of Governors What we do at the Board of Governors Importance and uses of regulatory reports Financial Services Regulatory Relief Act of 2006 2006 Supervisory Topics – Fair value accounting (FMV and FVO) – Negative Amortization Mortgage Products – Basel II (and IA) and Market Risk reporting
Recommend
More recommend